If this is your first visit, be sure to
check out the Forum Rules by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.

whats the difference between these 2 programs? they appear to be the same program.

also does packet sniffing need to be done in monitor mode, or does it just have to be promiscuous mode, or both??

You might want to look up the difference between monitor mode and promiscuous mode. In doing that, your answer you shall find.

A third party security audit is the IT equivalent of a colonoscopy. It's long, intrusive, very uncomfortable, and when it's done, you'll have seen things you really didn't want to see, and you'll never forget that you've had one.

i just looked it up, from what i got was that in monitor mode you can capture packets without being associated with an access point, in promiscuous mode you have to be associated with the access point in order to capture packets from it, and correct me if im wrong but both promiscuous and monitor mode capture all packets even if they aren't directed at the network device.

I still dont get the difference between wireshark and wireshark wifi, i looked at the menu shortcuts and i guess that wireshark wifi starts in monitor mode for packet injection? is this correct?

so in order to capture packets successfully using say kismet, i need to be in both promiscuous and monitor mode?

I would say that just a quick look at the tools section of the wiki and it becomes obvious what the difference is.

Wireshark

Wireshark is a GUI network protocol analyzer. It lets you interactively browse packet data from a live network or from a previously saved capture file. Wireshark's native capture file format is libpcap format, which is also the format used by tcp- dump and various other tools.

Wireshark Wifi

Wireshark with Wifi Injection Patch allows the user to select a packet opened with wireshark and edit it and reinject throught LORCON injection library.